Informations about SSL certificates and networks security
Auto Added by WPeMatico
SMS phishing attacks — annoyingly called “smishing” — are becoming more common. I know that I have been receiving a lot of phishing SMS messages over the past few months. I am not getting the “Fedex package delivered” messages the article talks about. Mine are usually of the form: “Thank you for paying your bill, … Read More “SMS Phishing Attacks are on the Rise” »
Interesting: Drawing inspiration from cephalopod skin, engineers at the University of California, Irvine invented an adaptive composite material that can insulate beverage cups, restaurant to-go bags, parcel boxes and even shipping containers. […] “The metal islands in our composite material are next to one another when the material is relaxed and become separated when the … Read More “Friday Squid Blogging: Squid Skin–Inspired Insulating Material” »
Interesting implementation mistake: The vulnerability, which Oracle patched on Tuesday, affects the company’s implementation of the Elliptic Curve Digital Signature Algorithm in Java versions 15 and above. ECDSA is an algorithm that uses the principles of elliptic curve cryptography to authenticate messages digitally. […] ECDSA signatures rely on a pseudo-random number, typically notated as K, … Read More “Java Cryptography Implementation Mistake Allows Digital-Signature Forgeries” »
Ronan Farrow has a long article in The New Yorker on NSO Group, which includes the news that someone — probably Spain — used the software to spy on domestic Catalonian sepratists. Powered by WPeMatico
Beanstalk Farms is a decentralized finance project that has a majority stake governance system: basically people have proportiona votes based on the amount of currency they own. A clever hacker used a “flash loan” feature of another decentralized finance project to borrow enough of the currency to give himself a controlling stake, and then approved … Read More “Clever Cryptocurrency Theft” »
New paper: “Planting Undetectable Backdoors in Machine Learning Models: Abstract: Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. We show how a malicious learner can plant an undetectable backdoor into a classifier. On the surface, such a backdoored classifier … Read More “Undetectable Backdoors in Machine-Learning Models” »
Beautiful video shot off the California coast. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico
A Russian cyberweapon, similar to the one used in 2016, was detected and removed before it could be used. Key points: ESET researchers collaborated with CERT-UA to analyze the attack against the Ukrainian energy company The destructive actions were scheduled for 2022-04-08 but artifacts suggest that the attack had been planned for at least two … Read More “Russian Cyberattack against Ukrainian Power Grid Prevented” »
John Oliver has an excellent segment on data brokers and surveillance capitalism. Powered by WPeMatico
Andy Greenberg wrote a long article — an excerpt from his new book — on how law enforcement de-anonymized bitcoin transactions to take down a global child porn ring. Within a few years of Bitcoin’s arrival, academic security researchers — and then companies like Chainalysis — began to tear gaping holes in the masks separating … Read More “De-anonymizing Bitcoin” »